Currently, the Wireless Network Security standards and protocols are fall into 3 categories:
Encryption
It use to ensures privacy of data transmitted through the air
It can be done at Layer 2 (WPA2, WPA, WEP, TKIP, AES) or Layer 3 (VPN)
Authentication
It can ensures that only authorized users with proper credentials are allowed to use the network such as security certificate or LDAP matching attribute (login and password).
Authentication methods include EAP, captive portal, VPN
Access Control
Provides a policy enforcement structure to control the traffic of authorized users, including networks, bandwidth, time of day, and protocols. Some solutions preferred to integrate with Network Access Control (NAC) supported appliance for managing the access control.
Showing posts with label WEP authentication. Show all posts
Showing posts with label WEP authentication. Show all posts
January 28, 2009
December 17, 2008
Aruba offers quite secure WEP authentication
Even though we know that WEP is already broken, but still better than deploying wireless without encryption at all. Deploying an Aruba network significantly reduces an attacker’s ability to crack WEP. Cuurently, the WEP cracking tools such as (Airsnort, WEPcrack) rely on packets with weak initialization vectors (IVs) in order to conduct analysis. Aruba controllers will not generate packets with weak IVs – thus all downstream packets will be unusable for cracking purposes
Some other cases, clients will still generate weak IVs – small percentage of client traffic will contain packets with weak IVs. A determined attacker will eventually crack the WEP key – though it may take weeks using client traffic alone. - Wireless Zone
For more secure authentication, you have an option to use 802.1x type of authentication and enhance with WPA2 encryption offered by Aruba Controller.
Subscribe to:
Posts (Atom)